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AMENDMENT TO THE CLAIMS 



1 . (Currently amended) A method of authenticating a user of a client computer at a server computer 
executing a distributed application on a plurality of data processing agents, comprising the steps of: 

receiving a service request fiom the user at a first data processing agent; 

submittijig an authentication request fix>m the first data processing agent to a second data 
processing agent to authenticate the user; 

receiving n response to the authentication request at the first data processing agent Scorn the 
second <^fttft processing agCTi t wherein^ if the user is successfiilly authenticated, the response 
includes authentic ation information that the first data processing agent can use to authenticated a 
subsequent user service request without submitting a subsequent authentication request to the 
second data processing agent ; and 

if the receive response indicates that the user is successfully authenticated, providing the 
requested service to the user. 

2. (Original) Tlie method of claim 1, 'wiierein the received response incltides a level of access 
privileges for the user, and the providing step includes the step of determining the service provided 
to the user based upon the user's access privilege level. 

3- (Original) The method of claim 1, fiirttier incliiding the steps of receiving the service request &om 
the user at the first data processing agent included in a first server, and sulsnitting the authentication 
request fiom the Iirst data processing agent to the second data processing agent included in a second 
server. 
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4. (Currently amended) A system for audienticating a user of a client computer at a server computer 
executing a distributed application on a pluralily of data processing agents, the system comprising: 

a server including a first data processing agent for receiving a service request from the user 
and a second data processing agent for authenticating the user, 

\?rfierein ihe first data processing agen t is configured to submit - includes rcsourggs for 
submittiDg an auihentication request to the second data processing agent to authenticate the xiser, 
and 

wherein Ihe second data processing agen t Js configured to receive includg s resources - - fot 
receiving the authentication request, attemptiBg to authenticate the user, and transmittiiig a response 
indicative of whcdier the user is successfiilly authenticated to the first data processing agent, 
whcrciiy if the u s er is succcssfijlly authenticated, the response includes authentication information 
giat the first data processing agent can use to authenticate a subsequent user service request without 
submitting a sub se quent authentication request to the second data processing agent 

5. (Cunentiy amcjided) A method of authenticating a user of a cKenl computer at a server computer 
executing a distributed appHcation on a plurality of first data processing agents, comprising the steps 
of: 

receiving a first service request from the user at » one of the plurahty of fi rst data processing 

agent; 

submittiiig an authentication request from th e one of the plurality of first data processing 
agent to a second data processing agent to authenticate the user, 

authenticating the user at the second data processing agent; 
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if the user is successftJly authenticated, storing a first timeout value indicative of a 
predetermiaed fii>1_time perio d on the second data processing agent ; 

determining whether the predetenrdned first t ime period is exceeded ; starting &om a time of 
rooeipt of the fiml Kcnace requegt^ and 

if the pre<ieteiTnined first t ime period is exceeded without receiving a second service request 
fix)m the user, rec| airing the user to be authenticated at the second data processing agent upon receipt 
of the second sav ice request *; and 

if the second service request is received from the user at another of the plurality of first data 
processing agents before the first time period is exceeded, restarting the first timeout period- 

6. (Currently amended) The method of claim 5, fiuther including the steps of receiving the second 
service request Trom the user, and deteraiining whether the first p redetermined time period is 
exceeded gt a rting from the - time of receipt of the Bccond csrvice rgque s t . 

7, (Currently amended) The method of claim 5, further incKiding the steps of receiving the second 
service request from the user at the one of the plurality of fi rst data processing agents, transmitting a 
message from the one of the plurality of first data processing agents to the second data processing 
agent including a notification that the second service request is received, receiving the notification at 
the second data processing agent, and determining whether the predetemiined time period is 
exceeded. etartiniJ from the timf" of receipt of the notification . 
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8. (Cuirently amended) A system for autbenticating a user of a client compater at a server computer 
executing a distributed appUcation on a pluiaUty of data processing agents, the system comprising: 

a server including a plurality of fi rst data processing agents for receiving service requests 
from the user and a second data processing agent for authenticating the user, 

wherein ea ch of t he plurality of fi rst data processing agents is configured to submit -iaetode^ 
prcotirccr for rv'-v^'"^^c °" authentication request to the second data processing agent to 
authenticate the viser, 

wherein the second data processing agen t is configured to feccive includec rgcoiiT r TgE for 
rcceiAi ng-the authentication request, attempting to authenticate the user, storeisg a first t imeout 
value indicative oV a first p redetemuned time period if the user is successfiiUy authenticated, and 
determinemg whether the first p redetermined time period is exceededj-s tarting firom » tame of 
rccgipt of a^firtit acr^ice rgquest at the first data procGocing agents and 

wherein each of the plurality of first data piocessir^ agents is further configured to notify 
the second data processing agent if a second service requfi$t is received ftom the user and the second 
data processing^ a ftcnt is configured to restart the first timeout period in response to receiving the 
nonfication, 

wherein ea ch of t he plurality of^fi rst data processing agents ig^fuithe r configured to includes 
rcrourccc fcr rf-iiiir;ino the user to be re-aufhenticated at the second data processing agent upon 
receipt of a second service request if the first p redetermined time period is exceeded before the 
second service request is received. 

9-11. (Canceled) 
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12. (New) The method of claim 1, vrfierein the step of receiving the response to the authentication 
request at the first data processing agent includes receiving authentication information that includes 
a user name and a password associated with the user. 

13. (New) The method of claim 1, further comprising the steps of: 

storing the received authenticacdon infomiation on the first data processing agent; 
receiving a second service request from the user at the first data processing agent; and 
using the stored authentication infomadon to authenticate the user without submitting a 
subseqtient authentication request to the second data processing agent 

14. (New) The system of claim 4, wherein the authentication information includes a user name and 
a password associated with the user, 

15. (New) The s>stem of claim 4, wherein the first data processing agent is funher configuredto: 

store the ceceived authentication information; and 

use the stored authentication information to authenticate tiie user in response to receiving a 
second service rccjuest from the user without submitting a subsequent authentication request to the 
second data processing agent. 



-6- 

WEIKGARTHN, SaiURCIN. 
GACNHHIN ft LESOVia LLP 
TEI.(617)S'l2i2290 
FAX (6l7)45t^lJ 



PAGE 8(16' RCVD AT 10/1412004 4:51:48 PM [Eastern Daylight rone] * SVKUSPTO-EFXRF-I/I ' DNIS:8729306 ' CSID:161769S0892 * DURATION M:04-32 



10/1 4/2004 16:52 FAX 16176950692 WSGL I2I009 

Application No, 09/585,747 
Filed: June 2, 2000 
TC Art Unit 2)32 
Confirmation No.: 7128 

16. (New) The method of claim 5, further comprising the steps of, 

receiving the second service request from the user at the other first data processing agent; 

and 

transmilling a message fixsm the other first data processing agent to the second data 
processing agent indicating receipt of the second service request from the iiser, and 

wherein the step of resetting the timeout period is responsive to receipt of the message 
indicadng receipt of the second service request firom the user. 

1 7. (New) The method of claim 5, further comprising the steps of: 

if the user is successfully authenticated, storing a second timeout value indicative of a 
second predetermined time period on at least one of the plurality of first data processing agents; and 

if the at least one of the plurality of first data processing agents receives the second service 
request before the second timeout period is exceeded: 

restarting the second timeout period stored on at least the second data processing 
agent that received the second service request; and 

providing the requested service to the user without requiring the user to be 
authenticated at the second data processing agent upon receipt of the second service reqiKMt. 

1 8. (New) The method of claim 17, wherein the second predetermined time period is less than the 
first predetermined time period. 
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19. (New) The method of claim 17, further comprising the step of inputting the second timeout 
value from the user. 

20. (New) The method of claim 5, further comprising the step of inputting the first timeout value 
from the user. 

2L (New) The system of claim 8, wherein at least one of the plurality of first data processing agents 
is configured to: 

store a second timeout value indicative of a second time period if the user is successfully 
authenticated; and 

if the least one of the plurality of first data processing agents receives the second service 
request before the second timeout period is exceeded: 
restart the second timeout period; and 

provide the requested service to the user without requiring the user to be 
authenticated at the second data processing agent upon receipt of the second service request 

22. (New) The system of claim 21, wherein the second predetemiined time period is less than the 
first predetermined time period. 

23. (New) The system of claim 22, wherein at least one of the plurality of first data processing 
agents is configured to receive the second timeout value fix)m the user. 
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24. (New) The syfiiem of claim 22, herein the second data processing agent is configured to 
receive the second limeout value from the user. 
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